โผ CVE-2021-1546 โผ
๐ Read
via "National Vulnerability Database".
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to access sensitive information. This vulnerability is due to improper protections on file access through the CLI. An attacker could exploit this vulnerability by running a CLI command that targets an arbitrary file on the local system. A successful exploit could allow the attacker to return portions of an arbitrary file, possibly resulting in the disclosure of sensitive information.๐ Read
via "National Vulnerability Database".
โผ CVE-2021-34699 โผ
๐ Read
via "National Vulnerability Database".
A vulnerability in the TrustSec CLI parser of Cisco IOS and Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload. This vulnerability is due to an improper interaction between the web UI and the CLI parser. An attacker could exploit this vulnerability by requesting a particular CLI command to be run through the web UI. A successful exploit could allow the attacker to cause the device to reload, resulting in a denial of service (DoS) condition.๐ Read
via "National Vulnerability Database".
โผ CVE-2021-1419 โผ
๐ Read
via "National Vulnerability Database".
A vulnerability in the SSH management feature of multiple Cisco Access Points (APs) platforms could allow a local, authenticated user to modify files on the affected device and possibly gain escalated privileges. The vulnerability is due to improper checking on file operations within the SSH management interface. A network administrator user could exploit this vulnerability by accessing an affected device through SSH management to make a configuration change. A successful exploit could allow the attacker to gain privileges equivalent to the root user.๐ Read
via "National Vulnerability Database".
โผ CVE-2021-1615 โผ
๐ Read
via "National Vulnerability Database".
A vulnerability in the packet processing functionality of Cisco Embedded Wireless Controller (EWC) Software for Catalyst Access Points (APs) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected AP. This vulnerability is due to insufficient buffer allocation. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to exhaust available resources and cause a DoS condition on an affected AP, as well as a DoS condition for client traffic traversing the AP.๐ Read
via "National Vulnerability Database".
โผ CVE-2021-1589 โผ
๐ Read
via "National Vulnerability Database".
A vulnerability in the disaster recovery feature of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to gain unauthorized access to user credentials. This vulnerability exists because access to API endpoints is not properly restricted. An attacker could exploit this vulnerability by sending a request to an API endpoint. A successful exploit could allow the attacker to gain unauthorized access to administrative credentials that could be used in further attacks.๐ Read
via "National Vulnerability Database".
โผ CVE-2021-34724 โผ
๐ Read
via "National Vulnerability Database".
A vulnerability in the Cisco IOS XE SD-WAN Software CLI could allow an authenticated, local attacker to elevate privileges and execute arbitrary code on the underlying operating system as the root user. An attacker must be authenticated on an affected device as a PRIV15 user. This vulnerability is due to insufficient file system protection and the presence of a sensitive file in the bootflash directory on an affected device. An attacker could exploit this vulnerability by overwriting an installer file stored in the bootflash directory with arbitrary commands that can be executed with root-level privileges. A successful exploit could allow the attacker to read and write changes to the configuration database on the affected device.๐ Read
via "National Vulnerability Database".
โผ CVE-2021-34726 โผ
๐ Read
via "National Vulnerability Database".
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with root-level privileges on the underlying operating system of an affected device. This vulnerability is due to insufficient input validation on certain CLI commands. An attacker could exploit this vulnerability by authenticating to an affected device and submitting crafted input to the CLI. The attacker must be authenticated as an administrative user to execute the affected commands. A successful exploit could allow the attacker to execute commands with root-level privileges.๐ Read
via "National Vulnerability Database".
โผ CVE-2021-34712 โผ
๐ Read
via "National Vulnerability Database".
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct cypher query language injection attacks on an affected system. This vulnerability is due to insufficient input validation by the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to the interface of an affected system. A successful exploit could allow the attacker to obtain sensitive information.๐ Read
via "National Vulnerability Database".
โผ CVE-2021-34723 โผ
๐ Read
via "National Vulnerability Database".
A vulnerability in a specific CLI command that is run on Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to overwrite arbitrary files in the configuration database of an affected device. This vulnerability is due to insufficient validation of specific CLI command parameters. An attacker could exploit this vulnerability by issuing that command with specific parameters. A successful exploit could allow the attacker to overwrite the content of the configuration database and gain root-level access to an affected device.๐ Read
via "National Vulnerability Database".
โผ CVE-2021-1623 โผ
๐ Read
via "National Vulnerability Database".
A vulnerability in the Simple Network Management Protocol (SNMP) punt handling function of Cisco cBR-8 Converged Broadband Routers could allow an authenticated, remote attacker to overload a device punt path, resulting in a denial of service (DoS) condition. This vulnerability is due to the punt path being overwhelmed by large quantities of SNMP requests. An attacker could exploit this vulnerability by sending a large number of SNMP requests to an affected device. A successful exploit could allow the attacker to overload the device punt path, resulting in a DoS condition.๐ Read
via "National Vulnerability Database".
๐๏ธ Beego patches severe XSS vulnerability in open source web framework ๐๏ธ
๐ Read
via "The Daily Swig".
Security flaw allowed attackers to gain a foothold into a victimโs network๐ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
Beego patches severe XSS vulnerability in open source web framework
Security flaw allowed attackers to gain a foothold into a victimโs network
โ Large-Scale Phishing-as-a-Service Operation Exposed โ
๐ Read
via "Threat Post".
Discovery of BulletProofLinkโwhich provides phishing kits, email templates, hosting and other toolsโsheds light on how wannabe cybercriminals can get into the business.๐ Read
via "Threat Post".
Threat Post
Large-Scale Phishing-as-a-Service Operation Exposed
Discovery of BulletProofLinkโwhich provides phishing kits, email templates, hosting and other toolsโsheds light on how wannabe cybercriminals can get into the business.
๐๏ธ Netgear fixes RCE flaw in routersโ parental controls feature ๐๏ธ
๐ Read
via "The Daily Swig".
Bug in third-party code offers salutary lessons around enterprise risk management, say researchers๐ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
Netgear fixes RCE flaw in routersโ parental controls feature
Bug in third-party code offers salutary lessons around enterprise risk management, say researchers
โ Domain Brand Monitor: The First Brand Protection Layer by WhoisXML API โ
๐ Read
via "Threat Post".
Domain names are often brands' most valuable and impersonated assets. Learn how Brand Monitor by WhoisXML API supports brand protection.๐ Read
via "Threat Post".
Threat Post
Domain Brand Monitor: The First Brand Protection Layer by WhoisXML API
Domain names are often brands' most valuable and impersonated assets. Learn how Brand Monitor by WhoisXML API supports brand protection.
โ Google Report Spotlights Uptick in Controversial โGeofence Warrantsโ by Police โ
๐ Read
via "Threat Post".
Digital privacy rights defenders contend that geofencing warrants grab data on everyone near a crime, without cause.๐ Read
via "Threat Post".
Threat Post
Google Report Spotlights Uptick in Controversial โGeofence Warrantsโ by Police
Digital privacy rights defenders contend that geofencing warrants grab data on everyone near a crime, without cause.
โ Acronis Offers up to $5,000 to Users Who Spot Bugs in Its Cyber Protection Products โ
๐ Read
via "Threat Post".
Once available only to the cybersecurity community, Acronis has opened its bug-hunting program to the public and aims to double the total bounties paid.๐ Read
via "Threat Post".
Threat Post
Acronis Offers up to $5,000 to Users Who Spot Bugs in Its Cyber Protection Products
Once available only to the cybersecurity community, Acronis has opened its bug-hunting program to the public and aims to double the total bounties paid.
โ๏ธ Indictment, Lawsuits Revive Trump-Alfa Bank Story โ๏ธ
๐ Read
via "Krebs on Security".
In October 2016, media outlets reported that data collected by some of the world's most renowned cybersecurity experts had identified frequent and unexplained communications between an email server used by the Trump Organization and Alfa Bank, one of Russia's largest financial institutions. Those publications set off speculation about a possible secret back-channel of communications, as well as a series of lawsuits and investigations that culminated last week with the indictment of the same former federal cybercrime prosecutor who brought the data to the attention of the FBI five years ago.๐ Read
via "Krebs on Security".
Krebs on Security
Indictment, Lawsuits Revive Trump-Alfa Bank Story
In October 2016, media outlets reported that data collected by some of the world's most renowned cybersecurity experts had identified frequent and unexplained communications between an email server used by the Trump Organization and Alfa Bank, one of Russia'sโฆ
โผ CVE-2021-22019 โผ
๐ Read
via "National Vulnerability Database".
The vCenter Server contains a denial-of-service vulnerability in VAPI (vCenter API) service. A malicious actor with network access to port 5480 on vCenter Server may exploit this issue by sending a specially crafted jsonrpc message to create a denial of service condition.๐ Read
via "National Vulnerability Database".
โผ CVE-2021-22007 โผ
๐ Read
via "National Vulnerability Database".
The vCenter Server contains a local information disclosure vulnerability in the Analytics service. An authenticated user with non-administrative privilege may exploit this issue to gain access to sensitive information.๐ Read
via "National Vulnerability Database".
โผ CVE-2021-22949 โผ
๐ Read
via "National Vulnerability Database".
A CSRF in Concrete CMS version 8.5.5 and below allows an attacker to duplicate files which can lead to UI inconvenience, and exhaustion of disk space.Credit for discovery: "Solar Security CMS Research Team"๐ Read
via "National Vulnerability Database".
โผ CVE-2021-22016 โผ
๐ Read
via "National Vulnerability Database".
The vCenter Server contains a reflected cross-site scripting vulnerability due to a lack of input sanitization. An attacker may exploit this issue to execute malicious scripts by tricking a victim into clicking a malicious link.๐ Read
via "National Vulnerability Database".